v21.2.16
📦 angularView on GitHub →
🐛 6 fixes🔧 1 symbols
Summary
This release focuses on security hardening across core components and fixes several URL and data handling issues in common and platform-server.
🐛 Bug Fixes
- Only strip a literal /index.html suffix from URLs in common.
- Projection attributes moved into constants in compiler.
- Inherit definition feature hardened against polluted prototypes in core.
- Used Object.create(null) for LOCALE_DATA as a hardening measure in core.
- Throw on suspicious URLs and restrict protocol-relative URLs in platform-server.
- Updated domino to the latest version in platform-server.